VIcom Corporation Hit by Ransomware Attack from Hunters International
Incident Date:
September 13, 2024
Overview
Title
VIcom Corporation Hit by Ransomware Attack from Hunters International
Victim
VIcom Corporation
Attacker
Hunters International
Location
First Reported
September 13, 2024
Ransomware Attack on VIcom Corporation by Hunters International
VIcom Corporation, a prominent technology solutions integrator based in Virginia Beach, Virginia, has recently fallen victim to a ransomware attack orchestrated by the hacking group Hunters International. The attackers have claimed responsibility for the breach, asserting that they have exfiltrated a substantial amount of data from the company.
About VIcom Corporation
VIcom Corporation, also known as Virginia Integrated Communication, specializes in a diverse range of services aimed at enhancing communication and operational efficiency for businesses. Their expertise includes teleconferencing, VoIP business phones, hosted PBX systems, audio-visual integration, digital signage, and security access control. Additionally, they offer managed IT services and paging systems, positioning themselves as a one-stop provider for organizations looking to improve their technological infrastructure and communication capabilities.
Acquired by Converge Technology Solutions in early 2021, VIcom has expanded its capabilities and reach, becoming part of a larger network that enhances its service offerings across North America. This acquisition has enabled VIcom to tap into additional resources and expertise in cloud solutions and cybersecurity.
Attack Overview
Hunters International has claimed that they have successfully breached VIcom Corporation's defenses, exfiltrating 264.7 GB of data encompassing 25,391 files. The attack was announced on the group's dark web leak site, where they listed VIcom as one of their victims. The specific details of how the ransomware group penetrated VIcom's systems have not been disclosed, but the attack highlights the vulnerabilities that even well-established technology integrators can face.
About Hunters International
Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in Q3 of 2023, shortly after the disruption of the notorious Hive ransomware group. The group's ransomware code contains significant overlap with Hive, suggesting a shared technical lineage. Hunters International focuses on exfiltrating target data and extorting victims with ransom demands in exchange for the return of the stolen data.
The group has been detected targeting victims across various regions, including the US, UK, Germany, and Namibia. Investigations have revealed potential ties to Nigeria, although the group uses fake identities and tricky methods to conceal their true origins. Despite their denial of any affiliation with Hive, the technical and operational similarities suggest an evolution or offshoot of the dismantled operation.
Implications for VIcom Corporation
The ransomware attack on VIcom Corporation underscores the importance of comprehensive cybersecurity measures, especially for companies involved in technology integration and communication solutions. As a provider of critical services to various sectors, including corporate environments, educational institutions, and healthcare facilities, VIcom's breach could have far-reaching implications for their clients and partners.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.